During the SMTP session, inbound and outbound emails are searched for dangerous types of file attachments. Dangerous files are those that can execute code, which can be used by malicious persons to spread viruses or do harm to your computer. Restricted file types include, but are not limited to, program files (.exe, .com), script files (.bas, .vbs, .js) and shortcuts to files (.lnk, .pif). When an email is sent or received that contains a restricted file attachment, the email is rejected and the sender receives a "bounced" email notification informing them of the restriction.

Normalization

This stage searches for email formatting vulnerabilities that can be used by viruses to hide from virus scanners. If any vulnerability is found, our system corrects the formatting of the message so that it can be correctly scanned for viruses. This is called "normalizing" the message, and most notably this process protects against all known Microsoft Outlook security threats.

Decompression

Next, if the email contains any compressed attachments such as zip files, the compressed attachments are temporarily unzipped so that the contents can be scanned for viruses. Many of today's viruses use compression as a way to sneak their way past virus scanners, sometimes even compressing themselves in several layers to try to hide from scanners. If an attachment cannot be decompressed, such as might be the case with password protected zip files, the original file is scanned for virus signatures that occur within compressed attachments.